當(dāng)前位置：信管網(wǎng) >> 信息安全工程師 >> 每日一練 >> 文章內(nèi)容

信息安全工程師每日一練試題（2025/10/20）

來源：信管網(wǎng) 2025年10月21日【所有評論】

信息安全工程師當(dāng)天每日一練試題地址：www.richmond-chase.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：www.richmond-chase.com/class/27/e6_1.html

信息安全工程師每日一練試題（2025/10/20）在線測試：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20

點擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2025/10/20）

試題1
SSL協(xié)議是對稱密碼和公鑰密碼技術(shù)相結(jié)合的協(xié)議，該協(xié)議不能提供的安全服務(wù)是（）
A.保密性
B.可用性
C.完整性
D.可認(rèn)證性
查看答案
試題參考答案：B
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題2
PKI是一種標(biāo)準(zhǔn)的公鑰密碼密鑰管理平臺。在PKI中，認(rèn)證中心CA是整個PKI體系中各方都承認(rèn)的一個值得信賴的、公正的第三方機構(gòu)。CA的功能不包括（）。
A.證書的頒發(fā)
B.證書的審批
C.證書的加密
D.證書的備份
查看答案
試題參考答案：C
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題3
PKI中撤銷證書是通過維護一個證書撤銷列表CRL來實現(xiàn)的。以下不會導(dǎo)致證書被撤銷的是（）。
A.密鑰泄漏
B.系統(tǒng)升級
C.證書到期
D.從屬變更
查看答案
試題參考答案：B
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題4
Symmetric-key cryptosystems use the（） key for encryption and decryption of a message,though a message or group of messages may have a different key than others. A significant disadvantage of symmetric ciphers is the key management necessary to use them securely.Each distinct pair of communicating parties must, ideally, share a different key, and perhaps each ciphertext exchanged as well. The number of keys required increases as the square of the number of network members,which very quickly requires complex key management schemes to keep them all straight and secret. The difficulty of securely establishing a secret（）between two communicating parties, when a secure channel doesn't already exist between them, also presents a chicken-and-egg problem which is a considerable practical obstacle for cryptography users in the real world.
Whitfield Dif?ie and Martin Hellman, authors of the first paper on public-key cryptography.
In a groundbreaking 1976 paper, Whitfield Diffie and Martin Hellman proposed the notion of public-key (also, more generally, called asymmetric key) cryptography in which two different but mathematically related keys are used-a public key and a private key. A public key system is so constructed that calculation of one key (the private key) is computationally infeasible（）the other (the public key), even though they are necessarily related. Instead, both keys are generated secretly, as an interrelated pair. The historian David Kahn described public-key cryptography as “the most revolutionary new concept in the field since poly-alphabetic substitution emerged in the Renaissance”.
In public-key cryptosystems,the（）key may be freely distributed,while its paired private key must remain secret. The public key is typically used for encryption, while the private or secret key is used for decryption. Diffie and Hellman showed that public-key cryptography was possible by presenting the Diffie-Hellman key exchange protocol.
In 1978, Ronald Rivest, Adi Shamir, and Len Adleman invented（）,another public-key system.
In 1997, it finally became publicly known that asymmetric key cryptography had been invented by James H. Ellis at GCHQ,a British intelligence organization, and that, in the early 1970s,both the Diffie-Hellman and RSA algorithms had been previously developed(by Malcolm J. Williamson and Clifford Cocks, respectively).
(1) A. different
B. same
C.public
D. private
(2)A. plaintext
B. stream
C.ciphertext
D.key
(3)A.from
B. in
C.to
D.of
(4)A.public
B.private
C.symmetric
D.asymmetric
(5) A.DES
B.AES
C.RSA
D.IDEA
查看答案
試題參考答案：B、D、A、A、C
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題5
訪問控制機制是由一組安全機制構(gòu)成，可以抽象為一個簡單模型，以下不屬于訪問控制模型要素的是()。
A．主體
B．客體
C．審計庫
D．協(xié)議
查看答案
試題參考答案：D
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題6
典型的水印攻擊方式包括:魯棒性攻擊、表達(dá)攻擊、解釋攻擊和法律攻擊.其中魯棒性攻擊是指在不損害圖像使用價值的前提下減弱、移去或破壞水印的一類攻擊方式.以下不屬于魯棒性攻擊的是（）。
A.像素值失真攻擊
B.敏感性分析攻擊
C.置亂攻擊
D.梯度下降攻擊
查看答案
試題參考答案：C
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題7

特洛伊木馬攻擊的威脅類型屬于（）
A、授權(quán)侵犯威脅
B、滲入威脅
C、植入威脅
D、旁路控制威脅
查看答案
試題參考答案：C
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題8
Oracle數(shù)據(jù)庫建立數(shù)據(jù)庫保險庫（DV）機制，該機制用于保護敏感數(shù)據(jù)，具有防止數(shù)據(jù)系統(tǒng)未授權(quán)變更、多因素可信授權(quán)、職麥隔高、最小化特權(quán)的功能。DV機制通過設(shè)置（）對特權(quán)進行控制。
A．透明數(shù)據(jù)加密和數(shù)據(jù)屏蔽
B．多級認(rèn)證和數(shù)據(jù)庫管理員
C．強認(rèn)證和網(wǎng)絡(luò)認(rèn)證
D．安全域和命令規(guī)則
查看答案
試題參考答案：D
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題9
操作系統(tǒng)審計一般是對操作系統(tǒng)用戶和系統(tǒng)服務(wù)進行記錄，主要包括用戶登錄和注銷、系統(tǒng)服務(wù)啟動和關(guān)閉、安全事件等。Linux操作系統(tǒng)自帶審計功能，其中日志文件wtmp是（）。
A．當(dāng)前用戶登錄日志
B．用戶登錄和退出日志
C．用戶命令操作日志
D．最近登錄日志
查看答案
試題參考答案：B
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
試題10
按照《計算機場地通用規(guī)范（GB／T2887-2011）》的規(guī)定，計算機機房分為四類：主要工作房間、第一類輔助房間、第二類輔助房間和第三類輔助房間。以下屬于第一類輔助房間的是（）。
A．終端室
B．監(jiān)控室
C．資料室
D．儲藏室
查看答案
試題參考答案：B
試題解析與討論：www.richmond-chase.com/exam/ExamDay.aspx?t1=6&day=2025/10/20

信管網(wǎng)訂閱號

信管網(wǎng)視頻號

信管網(wǎng)抖音號

溫馨提示：因考試政策、內(nèi)容不斷變化與調(diào)整，信管網(wǎng)網(wǎng)站提供的以上信息僅供參考，如有異議，請以權(quán)威部門公布的內(nèi)容為準(zhǔn)！

信管網(wǎng)致力于為廣大信管從業(yè)人員、愛好者、大學(xué)生提供專業(yè)、高質(zhì)量的課程和服務(wù)，解決其考試證書、技能提升和就業(yè)的需求。

信管網(wǎng)軟考課程由信管網(wǎng)依托10年專業(yè)軟考教研傾力打造，教材和資料參編作者和資深講師坐鎮(zhèn)，通過深研歷年考試出題規(guī)律與考試大綱，深挖核心知識與高頻考點，為學(xué)員考試保駕護航。面授、直播＆錄播，多種班型靈活學(xué)習(xí)，滿足不同學(xué)員考證需求，降低課程學(xué)習(xí)難度，使學(xué)習(xí)效果事半功倍。